I have code which generates PAdES-B CMSSignedData.
After this I am including timestamp in usigned attributes which is making CMSSignedData PAdES-T.
How can I make it PAdES-LT? Where should we include revocation information?
Thanks in advance.
Code to generate PAdES-B CMSSignedData
private CMSSignedDataGenerator getCmsSignedDataGenerator(ElectronicSignatureModel signatureModel) {
CMSSignedDataGenerator signGenerator = new CMSSignedDataGenerator();
signGenerator.addCertificates(new JcaCertStore(signatureModel.getChain()));
ContentSigner nonSigner = new ContentSigner() {
@Override
public byte[] getSignature() {
return signatureModel.getSignature();
}
@Override
public OutputStream getOutputStream() {
return new ByteArrayOutputStream();
}
@Override
public AlgorithmIdentifier getAlgorithmIdentifier() {
return new DefaultSignatureAlgorithmIdentifierFinder()
.find(signatureModel.getSigningAlgorithm().getAlgoName());
}
};
JcaSignerInfoGeneratorBuilder signerBuilder = new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().build());
signerBuilder.setDirectSignature(true);
//user certificate
Certificate userCertHolder = Certificate.getInstance(ASN1Primitive.fromByteArray(
signatureModel.getChain().get(0).getEncoded()));
signGenerator.addSignerInfoGenerator(signerBuilder.build(nonSigner, new X509CertificateHolder(userCertHolder)));
return signGenerator;
}
CMSSignedDataGenerator signGenerator = getCmsSignedDataGenerator(signatureModel, false);
CMSSignedData cmsSignedData = signGenerator.generate(new CMSProcessableByteArray(signatureModel.getSignature()), false);